[ANNOUNCE] Weekly Community Update 2020/20

Dear community,

happy to share this week's community update. With feature freeze for Flink
1.11 today, there are not a lot of feature-related discussions right now on
Apache Flink development mailing list. Still I can share some news on
Apache Flink 1.11 and 1.10.1, Flink Forward Global and a discussion on
stability guarantees for @PublicEvolving classes.

Note: Going forward I will publish the weekly Apache Flink community update
on Mondays for the preceding week.

Flink Development
==============

* [releases] Apache Flink 1.11 feature freeze is today. Afterwards, release
testing will commence. [1]

* [releases] Apache Flink 1.10.1 was released early last week [2,3].
Shortly afterwards the community discovered a change [4] in 1.10.1 that
broke binary compatibility of the StreamingFileSink. More information in
the next item. [5]

* [development process] Triggered by the compatibility issue with the
StreamingFileSink, a class annotated with @PublicEvolving, the community
started discussing what stability guarantees this annotation gives for
patch releases. It seems like (ongoing vote) that going forward the
community will commit to ensure API and binary
compatibility of @PublicEvolving classes across patch releases. (x.y.u ->
x.y.v). [6]

* [security] The Apache Flink PMC has informed all users about a
vulnerability in the Apache Flink JMX Reporter []. A fix is contained in
Apache Flink 1.9.3 and 1.10.1. For all other versions of Apache Flink
Chesnay's email contains a commit that can be cherry-picked to fix the
vulnerability. [7]

* [deployment] Gyula proposes to extend the Apache Flink web user interface
to show information across multiple job or application clusters. [8]

[1]
http://apache-flink-mailing-list-archive.1008284.n3.nabble.com/DISCUSS-Exact-feature-freeze-date-tp40624.html
[2]
http://apache-flink-mailing-list-archive.1008284.n3.nabble.com/ANNOUNCE-Apache-Flink-1-10-1-released-tp41435.html
[3] https://flink.apache.org/news/2020/05/12/release-1.10.1.html
[4] https://issues.apache.org/jira/browse/FLINK-16684
[5]
http://apache-flink-mailing-list-archive.1008284.n3.nabble.com/Discuss-Breaking-API-Change-in-1-10-1-tp41377.html
[6]
http://apache-flink-mailing-list-archive.1008284.n3.nabble.com/DISCUSS-Stability-guarantees-for-PublicEvolving-classes-tp41459.html
[7] https://nvd.nist.gov/vuln/detail/CVE-2020-1960
[8]
http://apache-flink-mailing-list-archive.1008284.n3.nabble.com/CVE-2020-1960-Apache-Flink-JMX-information-disclosure-vulnerability-tp41437.html

Notable Bugs
==========

Nothing came to my attention.

Events, Blog Posts, Misc
===================

* Yuan Mei started a discussion to create a platform to collect and share
learning resources around Apache Flink. Positive feedback, main concern is
maintainability. The discussion showed that we are looking for something
"more dynamic", where everyone (not just committers) can share their
material. Yuan will work on a prototype for such a page. [9]

* Ververveica will host another global virtual conference 19th - 21st of
October 2020. The conference will consist of a training day (limited seats,
paid) and two days of keynotes and conference talks (free). You can already
pre-registered and submit your talks under
https://www.flink-forward.org/global-2020.

[9]
http://apache-flink-mailing-list-archive.1008284.n3.nabble.com/DISCUSS-Add-a-material-web-page-under-https-flink-apache-org-tp41298.html

Cheers,

Konstantin

--

Konstantin Knauf

https://twitter.com/snntrable

https://github.com/knaufk